A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Canonical: https://brnet.nl/.well-known/security.txt
Contact: mailto:security@isaeus.nl
Preferred-Languages: en,nl
Encryption: https://isaeus.nl/pgp-key.txt
Expires: 2026-05-03T03:40:02Z

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCgAdFiEEJKZYhMDk9HcLcYvO3hipuwbh0DEFAmgVkBIACgkQ3hipuwbh
0DH9SQv+IuRBapAxlZmONBDgAvUYIRUvcIHZNYnb2drrdVew9v3e/frHlVrznjki
Od+HAYiT8o9c9nZwHUS9m0Q1TVecvxYuSAZ6A7aAWQGknteRmLapYByKevdG3tVZ
ukcCta6rObwGgNVkBz7T9VJnEcE51Ob7NfG29OR64RvaYupc4PJyj3bB04JA3EGF
0QUN+iBs2kCM1vo8lFuN43tkM5ovJKWcPZKwGPb/ONQSfzZPDFbkDoyVf7Pc2nr7
0C5EVP79pqR+J9RbuX5XyAs0f9ppXTadR4InE5PdnejlIPIn4Gg9hz8jc2AuwIVx
yGFpVl4nOAdS4xmdWmVyttwW63U2RqdRh1Yfm7UwfaK4cG6SqxJ0QByo5vIe7WJA
uhQf+pBkXxpmErwZRoXQ0oApGP8SuMguGFFOct3W9bZvidhoiljUixAeZTWwbX9v
l8f/1Q56itVTlFl02NBUC3Y59TIMqE15Lzcr+BL7UUS37hL+dHj95huoL0KqKsp0
dXXZnPnk
=7OhL
-----END PGP SIGNATURE-----